从PHP脚本的.htaccess验证，以prevent浏览器对话框 [英] .htaccess authentication from a php script to prevent a browser dialog box

问题描述

使用PHP我验证用户身份，然后在幕后，他们然后再次验证第二次跟单的.htaccess用户名和放大器;密码。这将是相同的所有用户，但我不希望他们再次输入用户名和密码，他们现在将被允许进入密码保护的目录。我preFER不使用的http：//用户名@密码：somedomain.com

Using php I authenticate a user, then behind the scenes,they are then again authenticated a second time with a single .htaccess username & password. This would be the same for all users, but I would not want them to have to enter a username and password again and they would now be allowed to enter the password protected directory. I prefer not to use http://username@password:somedomain.com.

有什么想法？

推荐答案

您不应该这样做。

或者：

1. 添加code到你的.htaccess保护的目录来使用你的PHP认证方案并取出的.htaccess验证。

1. Add code to your .htaccess protected directory to use your PHP authentication scheme and remove the .htaccess authentication.

写新的PHP网页/脚本，通过它您的身份验证的用户将要访问的所有受保护的内容。将受保护的内容在Web根目录，或使用.htaccess文件拒绝所有访问。您的脚本将能够访问这些文件，但用户将不得不通过脚本来访问它们。

Write a new PHP page/script through which your authenticated users will access all of the protected content. Move the protected content out of the web root, or use your .htaccess file to deny all access. Your script will be able to access the files, but users will have to go through the script to access them.

这篇关于从PHP脚本的.htaccess验证，以prevent浏览器对话框的文章就介绍到这了，希望我们推荐的答案对大家有所帮助，也希望大家多多支持IT屋！